ansible-podman/roles/matrix_authentication_service/meta/argument_specs.yaml

---
argument_specs:
  main:
    description: "Sets up a matrix authentication service podman container."
    options:
      matrix_authentication_service_additional_networks:
        description: A list of additional podman networks for the matrix authentication service container.
        type: list
        required: false
        default: []
        elements: str
      matrix_authentication_service_domain:
        description: Domain for matrix authentication service
        type: str
        required: true
      matrix_authentication_service_homeserver_name:
        description: Homserver server name
        type: str
        required: true
      matrix_authentication_service_homeserver_address:
        description: Address where homeserver is accessible to matrix authentication service
        type: str
        required: true
      matrix_authentication_service_client_secret:
        description: >
          See [upstream docs](https://element-hq.github.io/matrix-authentication-service/setup/homeserver.html#provision-a-client-for-the-homeserver-to-use)
        type: str
        required: true
      matrix_authentication_service_homeserver_secret:
        description: See [upstream docs](https://element-hq.github.io/matrix-authentication-service/reference/configuration.html#matrix)
        type: str
        required: true
      matrix_authentication_service_secrets:
        description:
          - Matrix authentication service secrets.
          - See [upstream docs](https://element-hq.github.io/matrix-authentication-service/reference/configuration.html#secrets) for more info
        type: dict
        required: true
        options:
          encryption:
            type: str
            required: true
          keys:
            type: list
            required: true
            elements: dict
            options:
              kid:
                type: str
                required: true
              key:
                type: str
                required: true
      matrix_authentication_service_email_smtp_server:
        description: email.smtp_host, set this to enable sending emails
        type: str
        required: false
        default: ""
      matrix_authentication_service_email_smtp_user:
        description: Required if matrix_authentication_service_email_smtp_server is set
        type: str
      matrix_authentication_service_email_smtp_password:
        description: Required if matrix_authentication_service_email_smtp_server is set
        type: str
      matrix_authentication_service_email_from:
        description: Required if matrix_authentication_service_email_smtp_server is set
        type: str

      matrix_authentication_service_upstream_oauth2_client_id:
        description: See https://element-hq.github.io/matrix-authentication-service/reference/configuration.html#upstream_oauth2providers
        type: str
        required: false
        default: ""
      matrix_authentication_service_upstream_oauth2_human_name:
        description: Required if matrix_authentication_service_upstream_oauth2_client_id is set
        type: str
      matrix_authentication_service_upstream_oauth2_client_secret:
        description: Required if matrix_authentication_service_upstream_oauth2_client_id is set
        type: str
      matrix_authentication_service_upstream_oauth2_issuer:
        description: Required if matrix_authentication_service_upstream_oauth2_client_id is set
        type: str
      matrix_authentication_service_upstream_oauth2_scope:
        description: Required if matrix_authentication_service_upstream_oauth2_client_id is set
        type: str
      matrix_authentication_service_upstream_oauth2_claims_imports:
        description: Required if matrix_authentication_service_upstream_oauth2_client_id is set
        type: dict
        options:
          subject:
            type: dict
            required: false
            options:
              template:
                type: str
                required: true
          localpart:
            type: dict
            required: true
            options:
              action:
                type: str
                required: true
              template:
                description: Required if action is not ignore
                type: str
          displayname:
            type: dict
            required: true
            options:
              action:
                type: str
                required: true
              template:
                description: Required if action is not ignore
                type: str
          email:
            type: dict
            required: true
            options:
              action:
                type: str
                required: true
              template:
                description: Required if action is not ignore
                type: str

      matrix_authentication_service_postgres_tag:
        description: Postgres tag to use for matrix authentication service postgres container
        type: str
        required: false
        default: 16-alpine